Access control based on behavioral characteristics
This article presents an analysis of the publication of Brazilian researchers in the field of controlling the access of users of mobile devices based on an analysis of its behavioral characteristics.
In the development of adaptive access-based location-based access control methods, behavioral features have emerged. A distinctive feature of these methods is the desire to take into account some unique features of each individual user in order to protect against the threats of using personal devices of the user, especially mobile, by unauthorized people.
One of the most interesting studies in this area is the study of Brazilian scientists on the issues of adaptive authentication based on the behavior of mobile users and the space-time context [1]. The proposed security mechanism was based on the space-time permutation model , as well as the vector similarity model for identifying authentication anomalies [1, p.771].
')
One of the main tasks solved in this work was the creation of a context-dependent authentication method that reduces the number of necessary explicit user actions for logging into a secure system.
The currently existing approaches use fairly simplified approaches in models to take context data into account and, as a rule, take context data from the device, not the user. Thus, to a large extent, these mechanisms are at risk of making wrong decisions in access control.
In the work of Brazilian scientists proposed to use 4 types of contexts for authentication, differing in the time of formation and attributes associated with the user.
it
To take into account the behavioral characteristics of the proposed behavioral model consisting of a set of user activities, each of which consists of a set of events. The event is a vector of three values:
Analytically, this model can be represented as formulas:
To describe the probabilistic properties of the proposed behavioral model, it was proposed to use the hypergeometric probability distribution law described by the formula
where e is the number of events in the time space t located in the region z with polar coordinates expressed as
; E is the total number of observed events; 
- the total number of conditional events expressed by the formula; 
- the conditional probability of an event in the region z, which occurred at the time t1 and t2, defined in a limited region a, which models a probable cluster.
To determine the degree of confidence in the current access context, it is proposed to use a vector-spatial model, on the basis of which it is possible to calculate the similarity vector of two vectors consisting of a vector of values of the weights of the parameters of the current context and a stored set of data vectors of parameters of previous information interactions. Analytically, the similarity value is calculated by the formula
where E is the vector of values of the weights of the parameters of the current access context, Pj is the set of vectors of these parameters of the previous information interactions.
In this paper, the architecture of an adaptive authentication system based on the space-time context and behavioral characteristics was also proposed.
The key elements of this system are context sensors, a trust analyzer, a user profile database and an adaptive authentication service.
To test the proposed models, the authors carried out approbation under the conditions of the hospital. As a result, experimental results were obtained, allowing to conclude that the use of this system is justified, since it allows to significantly reduce the number of necessary explicit actions to enter the system, provided that they are carried out by the same same user. However, as the researchers note, despite the results, a 100% probability of identifying a legitimate user was not achieved.
In addition, the proposed approach has a number of other disadvantages, such as
yetiman I would be happy to give comments about the publication.
Literature:
1. 5. Rocha CC A2BeST: An An Adaptive Authentication Service Based on Mobile User's Behavior Spatio-Temporal Context / Cristiano C. Rocha, Joao Carlos D. Lima, MAR Dantas: IEEE Press, 2011. No. 11. P. 771 -774.
In the development of adaptive access-based location-based access control methods, behavioral features have emerged. A distinctive feature of these methods is the desire to take into account some unique features of each individual user in order to protect against the threats of using personal devices of the user, especially mobile, by unauthorized people.
One of the most interesting studies in this area is the study of Brazilian scientists on the issues of adaptive authentication based on the behavior of mobile users and the space-time context [1]. The proposed security mechanism was based on the space-time permutation model , as well as the vector similarity model for identifying authentication anomalies [1, p.771].
')
One of the main tasks solved in this work was the creation of a context-dependent authentication method that reduces the number of necessary explicit user actions for logging into a secure system.
The currently existing approaches use fairly simplified approaches in models to take context data into account and, as a rule, take context data from the device, not the user. Thus, to a large extent, these mechanisms are at risk of making wrong decisions in access control.
In the work of Brazilian scientists proposed to use 4 types of contexts for authentication, differing in the time of formation and attributes associated with the user.
it
- operating
- spatial
- intrapersonal
- environment context
To take into account the behavioral characteristics of the proposed behavioral model consisting of a set of user activities, each of which consists of a set of events. The event is a vector of three values:
- some situation
- of time
- locations
Analytically, this model can be represented as formulas:
To describe the probabilistic properties of the proposed behavioral model, it was proposed to use the hypergeometric probability distribution law described by the formula
where e is the number of events in the time space t located in the region z with polar coordinates expressed as
; E is the total number of observed events; - the total number of conditional events expressed by the formula; - the conditional probability of an event in the region z, which occurred at the time t1 and t2, defined in a limited region a, which models a probable cluster.To determine the degree of confidence in the current access context, it is proposed to use a vector-spatial model, on the basis of which it is possible to calculate the similarity vector of two vectors consisting of a vector of values of the weights of the parameters of the current context and a stored set of data vectors of parameters of previous information interactions. Analytically, the similarity value is calculated by the formula
where E is the vector of values of the weights of the parameters of the current access context, Pj is the set of vectors of these parameters of the previous information interactions.
In this paper, the architecture of an adaptive authentication system based on the space-time context and behavioral characteristics was also proposed.
Here is the architecture itself
The key elements of this system are context sensors, a trust analyzer, a user profile database and an adaptive authentication service.
To test the proposed models, the authors carried out approbation under the conditions of the hospital. As a result, experimental results were obtained, allowing to conclude that the use of this system is justified, since it allows to significantly reduce the number of necessary explicit actions to enter the system, provided that they are carried out by the same same user. However, as the researchers note, despite the results, a 100% probability of identifying a legitimate user was not achieved.
In addition, the proposed approach has a number of other disadvantages, such as
- errors of legitimate users or the implementation of targeted destructive or unauthorized actions that pose a threat to IB
- insufficient consideration of contextual characteristics of access, incl. context and security of the object of access (services and information resources)
- use, incl. short-term, violator of a running secure session during the absence of a legitimate user
- threats arising from the introduction of hardware bookmarks and malware
yetiman I would be happy to give comments about the publication.
Literature:
1. 5. Rocha CC A2BeST: An An Adaptive Authentication Service Based on Mobile User's Behavior Spatio-Temporal Context / Cristiano C. Rocha, Joao Carlos D. Lima, MAR Dantas: IEEE Press, 2011. No. 11. P. 771 -774.
Source: https://habr.com/ru/post/193640/
All Articles